[SECURITY] gd: CVE-2014-2497
Yaakov Selkowitz
yselkowitz@cygwin.com
Tue Jan 20 17:06:00 GMT 2015
On Mon, 2015-01-19 at 23:38 -0600, Yaakov Selkowitz wrote:
> Dr. Volker Zell,
>
> A security vulnerability has been made public for gd. Could you please:
>
> 1) port this patch to 2.0.36RC1, for the benefit of those package
> currently linked against libgd2:
>
> http://git.php.net/?p=php-src.git;a=patch;h=cf47536
Please consider the attached.
> 2) AND could you bump gd to 2.1.1, which already includes this fix, from
> its new home at http://libgd.bitbucket.org/ so we can move on to the
> currently supported code base for future builds?
--
Yaakov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gd-2.0.36RC1-CVE-2014-2497.patch
Type: text/x-patch
Size: 874 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin-apps/attachments/20150120/b2f37fe6/attachment.bin>
More information about the Cygwin-apps
mailing list